Thank you Slavko for your answer.
On 13/03/2023 10:28, Slavko via Exim-users wrote:
Dňa 12. 3. o 22:34 Yves via Exim-users napísal(a):
[…]
— There is a DKIM signature done by my own server (d=yalis.fr), which
includes the From header, and that header is @yalis.fr.
Can be DKIM replay, it can be failed, only with purpose to fool users.
You didn't provide DKIM verify result...
I did not know how to verify the signature… Looking at Archlinux
packages, I selected opendkim; it man page says that opendkim-testmsg
returns nothing if the input message is good. I ran:
opendkim-testmsg <./"Hey, what's up? - <ad...@yalis.fr> - 2023-03-12
2223.eml"
which returned nothing, and $?==0. So the signature is valid!
Anyway, your Message-ID is signed, if that message was initialed from
your server, you must be able to find it in logs. And you can change
DKIM key, to be sure...
I checked per your advice on the server:
[root@seuil3 etc]# journalctl --grep 640E42D8.7020207
mars 12 20:23:47 seuil3 spamd[522247]: spamd: checking message
<640e42d8.7020...@yalis.fr> for nobody:182
mars 12 20:24:02 seuil3 spamd[522247]: spamd: result: . 3 -
BAYES_00,BITCOIN_PAY_ME,BITCOIN_SPAM_02,BITCOIN_YOUR_INFO,DKIM_ADSP_ALL,HELO_NO_DOMAIN,HTML_MESSAGE,PDS_BTC_ID,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_DNSWL_>
mars 12 20:24:02 seuil3 exim[594126]: 2023-03-12 20:24:02
1pbRIJ-002UYg-0j <= ad...@yalis.fr H=([93.184.14.24]) [93.184.14.24]
P=esmtp S=6613 id=640e42d8.7020...@yalis.fr
I’m not sure of how to understand that :-/
All 3 lines seem to me to relate to receiving the message. I don’t see a
line that is about sending the message, or signing it.
Could it be that the message is signed when I receive it? Could it be
because I use LMTP for delivering, instead of local drop?
If that is the explanation, it seems a bit “stupid” of Exim to do so…
Regards
> […]
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
